Comment by mtlynch

10 hours ago

This is an extremely clickbaity headline.

The "recordings" are of a phisher attempting to get information from the author. It proves nothing about what Coinbase knew.

The author turned the information over to Coinbase, but that doesn't prove Coinbase knew about their breach. The customer could have leaked their account details in some other way.

4 comments

mtlynch

Reply
jclarkcom  10 hours ago

I sent the phone recording and emails to coinbase, and they acknowledged them saying "This report is super robust and gives us a lot to look into. We are investigating this scammer now."

  • mtlynch  8 hours ago

    The recordings don't prove anything about what Coinbase knew.

    I stand by my statement that the title is clickbait, as it's misleading on two fronts:

    - It's the email, not the call recording that proves what Coinbase knew, but "recordings prove" sounds more sensational

    - The email proves that Coinbase was aware of a sophisticated attack against a single user. You didn't have enough information to prove that there was a large scale leak of Coinbase customer data. There are sophisticated attacks against individual Coinbase users all the time due to the value of the accounts there.

  • mmooss  8 hours ago

    It seems like you did a great job collecting info and reporting it. Still, how do you know that the info was obtained via Coinbase? Certainly they are a likely vector but you are too, and maybe there are others.

    Edit: Nevermind; I see you addressed that here:

    https://news.ycombinator.com/item?id=45948808

rs186  9 hours ago

You apparently did not read the article. What you are looking for is right there.